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DETAILED ACTION 
Continued Examination Under 37 CFR L114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1.17(e), was filed in this application after final rejection. Since this application is 
eUgible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.1 14. Applicant's submission filed on June 25, 2007 has been entered. 

Response to Arguments 

2. Applicant's arguments filed Jime 25, 2007 have been fiiUy considered but they are not 
persuasive. 

3. Applicant argues that "there is no motivation to modify Sunder et al. in the manner 
proposed by the Examiner, and obviousness has not been established with respect to claims 1, 
10, 19, and any claims depending therefrom." 

The Examiner notes that KSR forecloses the argument that a specific teaching, 
suggestion, or motivation is required to support a finding of obviousness. See KSR, 127 S. Ct. at 
1741,82 USPQ2datl396 

4. As per claims 7, 16, and 25, Applicant argues that Otto et al. does not teach a pseudonym 
generated by a merchant system. 

Applicant's argued that the Otto et al. fail to show a pseudonym generated by a merchant, 
it is noted that the features upon which Applicant relies (i.e. Applicant's arguments) are not 
recited in the rejected claim(s). That is, claims 7, 16, and 25 recites "wherein the authentication 
request includes a pseudonym corresponding to an electronic commerce card accoxmt number 
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and previously created by the central transaction server." Also, the rejection to claims 7, 16, and 
25 indicates that Otto teaches this limitation not a merchant generating the pseudonym. 
Although the claims are interpreted in Ught of the specification, Hmitations from the specification 
are not read into the claims. See In re Van Gems, 988 F.2d 1 181, 26 USPQ2d 1057 (Fed. Cir. 
1993). 

5. Claims 1-8, 10-17, 19-26, and 28-37 have been examined. 

Claim Objections 

6. Claims 1-7 are objected to because of the following informahties: recites the intended 
use phrase "adapted to". Note. "The recitation of a new intended use of an old product does not 
make a claim to that old product patentable". In re Schreiber, 44 USPQ2d 1429 (Fed. Cir. 1997). 
Appropriate correction is required. 

Claim Rejections - 35 USC§I03 

7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patjcnted and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

8. Claims 1-2, 10-12 and 19-21 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over US PubUcation No. 2005/0021781 to Sunder et al. ("Sunder") in view of U.S. Publication 
No. 2003/0046541 to Gerdes et al. ("Gerdes"). 
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Referring to claim 1, Sunder discloses receive an authentication request from a 
cardholder system (i.e. client device)(see paragraphs [0005] & [0007]), forward the 
authentication request to an access control server (see paragraph [0008]), relay authentication 
information between the access control server and the cardholder system receive an 
authentication response from the access control server and forward the authentication response to 
the cardholder system (see paragraphs [[0010] &[001 1]). Sunder does not expressly disclose 
wherein the central transaction server is adapted to initiate a payment request process. Gerdes 
discloses a central transaction server is adapted to initiate a charge request via a card association 
network in response to receiving an authentication response from the access control server (see 
paragraph [0014]). At the time the invention was made, it would have been obvious to a person 
of ordinary skill in the art to modify the system disclose by Sunder to include the central 
transaction server is adapted to initiate a charge request via a card association network in 
response to receiving an authentication response from the access control server. One of ordinary 
skill in the art would have been motivated to do this because it provides aii additional level of 
security. 

Referring to claim 2, Sunder discloses an electronic commerce card authentication system 
(see claim 1 above). Sunder does not expressly disclose the authentication response is adapted to 
be analyzed by a merchant system. Gerdes discloses the authentication re$ponse is adapted to be 
analyzed by a merchant system (see paragraph [0014] - the authentication server sends a 
confirmation of the user identity to the service provider. Based on the confirmation, the service 
provider finally grants service access to the user). At the time the invention was made, it would 
have been obvious to a person of ordinary skill in the art to modify the system disclose by 
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Sunder to allow the merchant system to analyze the authentication response. One of ordinary 
skill in the art would have been motivated to do this because it provides authentication of a user 
to a service provider (see paragraph [0010] of Gerdes). 

Referring to claim 3, Sunder discloses an electronic commerce csurd authentication system 
(see claim 1 above). Sunder does not expressly disclose wherein the central transaction server is 
adapted to forward a copy of the authentication response to an authentication history server to be 
archived. Gerdes discloses the central transaction server is adapted to forward a copy of the 
authentication response to an authentication history server to be archived (see paragraph [0057]). 
At the time the invention was made, it would have been obvious to a person of ordinary skill in 
the art to modify the system disclose by Sunder to include a copy of the authentication response 
to an authentication history server. One of ordinary skill in the art would have been motivated to 
do this because it provides a history of authentication transaction (see paragraph [0057 of 
Gerdes). 

Claims 10 and 19 are rejected on the same rationale as claim 1 above. 
Claims 1 1 and 20 are rejected on the same rationale as claim 2 above. 
Claims 12 and 21 are rejected on the same rationale as claim 3 above. 

9. Claims 4-6, 13-15, 22-24, and 28 -31 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Sxmder and Gerdes as appUed to claims 1,10 and 14 above, and further in 
view of US Publication No. 2004/0254848 to Golan et al ("Golan"). 
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Referring to claims 4 and 5, Sunder discloses the electronic commerce card 
authentication system (see claim 1 above). Sunder does not expressly disclose wherein the 
central transaction server is further adapted receive a verifying enrollment request from a 
directory server, and to send a verifying enrollment response to the directory server; wherein the 
central transaction server is adapted to send the verifying enrolbnent response in response to a 
query to the access control server. Golan discloses wherein the central ti ansaction server is 
further adapted receive a verifying enrollment request from a directory server, and to send a 
verifying enrollment response to the directory server; wherein the central transaction server is 
adapted to send the verifying enrollment response in response to a query to the access control 
server (see paragraphs [0094]-[0097] & claims 5,6). At the time the invention was made, it 
would have been obvious to a person of ordinary skill in the art to modify the system disclose by 
Sunder to include the system wherein the central transaction server is further adapted receive a 
verifying enrollment request from a directory server, and to send a verifying enrollment response 
to the directory server; wherein the central transaction server is adapted to send the verifying 
enrollment response in response to a query to the access control server. One of ordinary skill in 
the art would have been motivated to do this because provides an additional level of verification, 
thereby securing the system. 

Referring to claim 6, Simder discloses the electronic conmaerce card authentication 
system (see claim 1 above). Sunder does not expressly disclose the central transaction server is 
adapted to send the verifying enrollment response to the directory server with or without 
querying the access control server, and is further adapted to query the access control server in 
response to receiving an authentication request. Golan discloses the central transaction server is 
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adapted to send the verifying enrollment response to the directory server with or without 
querying the access control server, and is further adapted to query the access control server in 
response to receiving an authentication request (see paragraphs [0099] &[0100]). At the time the 
invention was made, it would have been obvious to a person of ordinary skill in the art to modify 
the system disclose by Sunder to include the system wherein the central transaction server is 
adapted to send the verifying enrollment response to the directory server with or without 
querying the access control server, and is further adapted to query the access control server in 
response to receiving an authentication request. One of ordinary skill in the art would have been 
motivated to do this because provides an additional level of verification, thereby securing the 
system. 

Claims 13, 22, 28, and 30 are rejected on the same rationale as claim 4 above. 

Claims 14 and 23 are rejected on the same rationale as claim 5 above. 

Claims 15 and 24 are rejected on the same rationale as claims 6 above. 

Referring to claims 29 and 31, Sunder discloses the electronic conimerce card 
authentication system (see claims 28 and 30 respectively above). Sunder does not expressly 
disclose modifying the verifying enrollment request from a directory server, and forwarding the 
modified verifying enrollment response to the directory server. Golan discloses receiving a 
verifying enrollment request from a directory server, and to send a verifying enrollment response 
to the directory server and sending the verifying enrollment response in response to a query to 
the access control server (see paragraphs [0094]-[0097] & claims 5,6). Golan does not teach the 
request being modified; however, the concept of modifying data is well known in the art of data 
processing. Thus, at the time the invention was made, it would have been obvious to a person of 
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ordinary skill in the art to modify the system disclose by Sunder to include the steps of disclose 
receiving a verifying enrollment request from a directory server, and to send a verifying 
enrollment response to the directory server and sending the verifying enrollment response in 
response to a query to the access control server. One of ordinary skill in the art would have been 
motivated to do this because provides an additional level of verification, thereby securing the 
system. 

10. Claims 7, 16, and 25 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Sunder and Gerdes as applied to claims 1,10 and 19 above, and further in view of US 
Publication No. 2001/0029496 to Otto et al. ("Otto") 

Referring to claim 7, Sunder discloses the electronic commerce card authentication 
system (see claim 1 above). Sunder does not expressly disclose the authentication request 
includes a pseudonym corresponding to an electronic commerce card account number and 
previously created by the central transaction server. Otto discloses disclose the authentication 
request includes a pseudonym corresponding to an electronic commerce cjird account number 
and previously created by the central transaction server (see paragraph [0027] - [0029] -the user 
can submit the anonymous identifying information to the merchant; the merchant submits the 
request the banking network who then forwards the request to the financial institution that issued 
the anonymous card). At the time the invention was made, it would have been obvious to a 
person of ordinary skill in the art to modify the system disclose by Sunder to include a 
pseudonym corresponding the an electronic commerce card accoimt number in the authentication 
request, the pseudonym previously created by the central transaction server. One of ordinary 
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skill in the art would have been motivated to do this because it secures user's identity by 
providing a means for users to anonymously purchase goods and services over a network (see 
Otto paragraph [0007]). 

Claims 16 and 25 are rejected on the same rationale as claim 7 above. 

11. Claims 8, 17 and 26 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Sxmder and Gerdes as applied to claims 1,10 and 19 above, and further in view of US 
Publication No. 2003/0168510 to Allen. 

Referring to claim 8, Sunder discloses the electronic commerce card authentication 
system (see claim 1 above). Simder does not expressly disclose the authentication request 
includes a pseudonym previously created by a merchant system that corresponds to an electronic 
commerce card account number. Allen discloses a merchant generating a pseudonym (see 
abstract, paragraphs [0002] & [0028]). At the time the invention was made, it would have been 
obvious to a person of ordinary skill in the art to modify the system disclose by Sunder to include 
a pseudonym previously created by the merchant. One of ordinary skill in the art would have 
been motivated to do this because it protects messages and information being transmitted diuing 
a transaction. 

Claims 17 and 26 are rejected on the same rationale as claim 8 above. 

12. Claims 34- 37 are rejected under 35 U.S.C. 103(a) as being unpatentable over to Sunder 
et al. ("Sunder") and Golan in view of Allen. 

Referring to claim 34, Sunder discloses receiving an authentication request from a holder 
system (i.e. client device)(see paragraphs [0005] & [0007]), sending the authentication request 
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with the pseudonym to the access control server (see paragraph [0008])^ receiving an 
authentication response and sending the authentication response to the holder system (see 
paragraphs [[0010] &[001 1]). Simder does not expressly disclose receiving a verifying 
enrollment request, sending the verifying enrollment response to an access control server, 
receiving a verifying enrollment response from the access control server^ creating an altered 
verifying enrolling response comprising a pseudonym, sending the altered verifying enrolhnent 
response to a merchant system, wherein the merchant system subsequently sends an 
authentication request including the pseudonym to a holder system. Golan discloses receiving a 
verifying enrollment request, sending the verifying enrolhnent response to an access control 
server, receiving a verifying enrollment response from the access control server (see paragraphs 
[0094] - [0097] & claims 5, 6). As for creating an altered verifying enrollment response 
comprising a pseudonym and sending the altered verifying enrolhnent response to a merchant 
system, wherein the merchant system subsequently sends an authentication request including the 
pseudonym to a holder system, combining the pseudonym concepts taught by Sunder, the 
verification of enrollment concepts taught by Golan and the creation a pseudonym taught by 
Allen (see paragraphs [0002], [0028] & abstract) would result in these steps. At the time the 
invention was made, it would have been obvious to a person of ordinary skill in the art to modify 
the system disclose by Sunder to include the steps of receiving a verifying enrollment request, 
sending the verifying enrollment response to an access control server, receiving a verifying 
enrollment response from the access control server, creating an ahered verifying enrolling 
response comprising a pseudonym, sending the altered verifying enrolhnent response to a 
merchant system, wherein the merchant system subsequently sends an authentication request 
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including the pseudonym to a holder system. One of ordinary skill in the art would have been 
motivated to do this because it provides an additional level of security. 

As for claims 35-37, Sunder teaches these steps (see claim 34 above). 

Any inquiry conceming this communication or earlier communications from the 
examiner should be directed to Jalatee Worjloh whose telephone number is 571-272-6714. The 
examiner can normally be reached on Monday - Friday 9:30 - 6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Andrew Fischer can be reached on 571-272-6779. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for pubUshed applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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